neta-elementum

SUSPICIOUS. The skill's capabilities broadly match its stated purpose, and the OAuth device flow is proportionate for authenticated Elementum management. However, all sensitive actions are funneled through an unpinned `npx @latest` CLI, token handling is delegated to package code, and the skill expands trust to another skill. This looks more like a legitimate but medium-risk CLI wrapper skill than confirmed malware.